All posts by cK-bot

■■■■□ Bypassing E2E encryption leads to multiple high vulnerabilities. https://melotover.medium.com/bypassing-e2e-encryption-leads-to-multiple-high-vulnerabilities-65b708e5ad84 https://t.me/cKure/14673

■■■■□ D-Link says it is not fixing four RCE flaws in DIR-846W routers due to End-of-Life. https://www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/ https://t.me/cKure/14671

■■■■□ Bypassing airport security via SQL injection. https://ian.sh/tsa https://t.me/cKure/14670

■■■■□ Firmware Security: Alcatel-Lucent ALE-DeskPhone. https://blog.syss.com/posts/voip-deskphone-firmware-security/ https://t.me/cKure/14669

■□□□□ Israel’s Unit 8200 headquarters hit around a fortnight ago by Hizbollah projectiles in multiple direct hits at infrastructure at Glilat military base. Israel confirmed the attack and declined to report BDA (battle damage assessment). Israel said that the attack had not succeeded. Hizbollah fired dozens of aimless projectiles, and iron dome started to take…

■■■■■ WiFi auth with OsmoHLR/SIM cards. https://kittenlabs.de/blog/2024/08/31/wifi-auth-with-osmohlr/sim-cards/ https://t.me/cKure/14667

■■□□□ Breaking Down Barriers: Exploiting Pre-Auth SQL Injection in WhatsUp Gold CVE-2024-6670. https://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670/ https://t.me/cKure/14666

■■■■□ Cobalt Strike – CDN / Reverse Proxy Setup. https://redops.at/en/blog/cobalt-strike-cdn-reverse-proxy-setup https://t.me/cKure/14665

■■■□□ The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855. https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb https://t.me/cKure/14664

■□□□□ Update: Wireshark 4.4.0 https://isc.sans.edu/diary/31220 https://t.me/cKure/14663